1   1  /  1  页   跳转

这毒太狠了。。。。。

收藏
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:11 | 显示全部 短消息 资料
字号: 1楼

这毒太狠了。。。。。

啊啊,今天中毒了,毒不给我开瑞星,不给开监控,给别的病毒敞开了大门,去网上杀毒过,杀了毒,也没用。。。。。。
有人懂怎么回事吗~~
最后编辑2006-01-24 21:03:29
分享到:
gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:23 | 显示全部 短消息 资料
字号: 2楼

日记怎么导出??还有瑞星杀毒开不了啊,安全模式有用吗?
gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:26 | 显示全部 短消息 资料
字号: 3楼

日记是这个东西吗
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run           

+ EM_EXEC    Control Center    Logitech Inc.                        c:\program files\logitech\mouseware\system\em_exec.exe

+ RavTask    RavTimer    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravtask.exe

+ StormCodec_Helper            c:\program files\ringz studio\storm codec\stormset.exe

+ Super Rabbit SRRestore            File not found: H:\Super Rabbit\MagicSet\srrestore.exe

+ yassistse    AssistSetting    Yahoo!    c:\program files\yahoo!\assistant\yassistse.exe

+ YLive.exe    YLive         c:\program files\yahoo!\assistant\ylive.exe

C:\Documents and Settings\Administrator\「开始」菜单\程序\启动           

+ 连接设备 Realtek RTL8139(A) PCI Fast Ethernet Adapter #2.lnk            c:\documents and settings\administrator\「开始」菜单\程序\启动\连接设备 realtek rtl8139(a) pci fast ethernet adapter #2.lnk

HKCU\Software\Microsoft\Windows\CurrentVersion\Run           

+ BitComet    BitComet - a BitTorrent Client    www.BitComet.com    h:\bt\bitcomet\bitcomet.exe

+ KavPFW    Kingsoft Personal Firewall Main Program    Kingsoft Corporation    c:\kav2005\kavpfw.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks           

+ Rising Execute File Exts hook    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\winnt\system32\ravext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ GMail Drive    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\winnt\system32\shellext\gmailfs.dll

+ GMailFS Context Menu    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\winnt\system32\shellext\gmailfs.dll

+ GMailFS Drop Handler    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\winnt\system32\shellext\gmailfs.dll

+ GMailFS Property Sheet    GMail File System Shell Namespace Extension    Bjarke Viksoe    c:\winnt\system32\shellext\gmailfs.dll

+ RISING    Rising Shell Ext Module    Beijing Rising Technology Co., Ltd.    c:\winnt\system32\ravext.dll

+ Yahoo!Photo    yPhtb    Yahoo! China    c:\program files\yahoo!\assistant\assist\yphtb.dll

+ 粉碎文件    Wiper 动态链接库        c:\program files\yahoo!\assistant\assist\ywiper.dll

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved           

+ Web 文件夹            c:\program files\common files\microsoft shared\web folders\msonsext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects           

+ AntiFish Class    yangling.dll    Yahoo.    c:\program files\yahoo!\assistant\assist\yangling.dll

+ DragSearch BHO    DragSearch        c:\program files\yahoo!\assistant\assist\ydragsearch.dll

+ HBObject Class    HBHelper Module    Shanghai Henbang Technology Co., Ltd    c:\program files\hbclient\tbhelper.dll

+ MMSAssist BHO    MMSAssist        c:\program files\mmsassist\mmsass~1.dll

+ Yahoo!Photo    yPhtb    Yahoo! China    c:\program files\yahoo!\assistant\assist\yphtb.dll

+ 雅虎助手    ToolBar    Yahoo!    c:\program files\yahoo!\assistant\assist\yasbar.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks           

+ DiyBar    51NET DiyBar    北京金络神电子商务有限责任公司    c:\winnt\system32\diybar2\diybar2.dll

HKLM\Software\Microsoft\Internet Explorer\Toolbar           

+ toolbar.dll    捜狗直通车    Sohu.com Inc.    c:\p4p\toolbar.dll

+ 雅虎助手    ToolBar    Yahoo!    c:\program files\yahoo!\assistant\assist\yasbar.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions           

+ @shdoclc.dll,-864            c:\winnt\web\related.htm

+ SoQ            File not found: http://www.soq.com

+ 播霸电视            File not found: http://itv.mop.com

+ 访问卡卡社区            File not found: http://www.ikaka.com

+ 访问瑞星网站            File not found: http://www.rising.com.cn

+ 浩方对战平台    浩方对战平台    上海浩方在线信息技术有限公司    c:\program files\浩方对战平台\gameclient.exe

+ 浩方对战平台    浩方对战平台    上海浩方在线信息技术有限公司    c:\program files\浩方对战平台\gameclient.exe

+ 易趣购物            File not found: http://click2.ad4all.net/url2/urlmanage/url.asp?id=5

Task Scheduler           

+ 1-Click Maintenance.job            File not found: C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe

HKLM\System\CurrentControlSet\Services           

+ NVSvc    Provides system and desktop level support to the NVIDIA display driver    NVIDIA Corporation    c:\winnt\system32\nvsvc32.exe

+ RsRavMon    RavMond    Beijing Rising Technology Co., Ltd.    c:\program files\rising\rav\ravmond.exe

+ Switch Off            File not found: `?\swoff.exe

+ UserAccess7            c:\winnt\system32\uaservice7.exe

HKLM\System\CurrentControlSet\Services           

+ ALCXWDM    Avance AC'97 Audio Driver (WDM)    Avance Logic, Inc.    c:\winnt\system32\drivers\alcxwdm.sys

+ BaseTDI    basetdi    Beijing Rising Technology Co., Ltd.    c:\winnt\system32\drivers\basetdi.sys

+ cdawdm            File not found: system32\DRIVERS\cdawdm.sys

+ d347bus    PnP BIOS Extension         c:\winnt\system32\drivers\d347bus.sys

+ d347prt    SCSI miniport         c:\winnt\system32\drivers\d347prt.sys

+ dmio    NT Disk Manager I/O Driver    VERITAS Software Corp.    c:\winnt\system32\drivers\dmio.sys

+ dmload    NT Disk Manager Startup Driver    VERITAS Software Corp.    c:\winnt\system32\drivers\dmload.sys

+ ExpScaner    ExpScan.sys        c:\program files\rising\rav\expscan.sys

+ HookCont    TDI HOOK Driver    Rising tech Co. ltd    c:\program files\rising\rav\hookcont.sys

+ HookReg            c:\program files\rising\rav\hookreg.sys

+ HookSys    Hooksys    Rising    c:\program files\rising\rav\hooksys.sys

+ KNetWch    KNetWatch    金山电脑公司    c:\kav2005\knetwch.sys

+ KWatch3    Kingsoft Antivirus KWatch Driver    Kingsoft Corporation    c:\winnt\system32\drivers\kwatch3.sys

+ lhidflt2    Logitech HID Filter Driver    Logitech    c:\winnt\system32\drivers\lhidflt2.sys

+ LHidUsb    Logitech USB Receiver    Logitech    c:\winnt\system32\drivers\lhidusb.sys

+ lkbdflt2    Logitech Keyboard Filter Driver    Logitech    c:\winnt\system32\drivers\lkbdflt2.sys

+ lmouflt2    Logitech Mouse Filter Driver    Logitech    c:\winnt\system32\drivers\lmouflt2.sys

+ MEMSCAN    MemScan Driver    瑞星软件有限公司    c:\program files\rising\rav\memscan.sys

+ New0            c:\winnt\system32\new.sys

+ npkcrypt            File not found: C:\Program Files\Tencent\qq\npkcrypt.sys

+ nv    NVIDIA Compatible Windows 2000 Miniport Driver, Version 52.16     NVIDIA Corporation    c:\winnt\system32\drivers\nv4_mini.sys

+ prodrv05            File not found: C:\WINNT\System32\drivers\prodrv05.sys

+ prohlp01            File not found: System32\drivers\prohlp01.sys

+ Ptilink    Direct Parallel Link Driver    Parallel Technologies, Inc.    c:\winnt\system32\drivers\ptilink.sys

+ QuakeDRV            c:\winnt\system32\drivers\quakedrv.sys

+ RMSPPPOE    PPP over Ethernet Protocol NDIS Intermediate Driver    Robert Schlabbach    c:\winnt\system32\drivers\rmspppoe.sys

+ rtl8139    NDIS 5.0 driver                                                                      Realtek Semiconductor Corporation                                                    c:\winnt\system32\drivers\rtl8139.sys

+ SVKP    SVKP driver for NT    AntiCracking    c:\winnt\system32\svkp.sys

+ TVICHW32    TVicHW32 5.0 Generic Device Driver    EnTech Taiwan    c:\winnt\system32\drivers\tvichw32.sys

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls           

+ C:\WINNT\system32\SoDAHK.DLL    SODA Library        c:\winnt\system32\sodahk.dll

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9           

+ HB_IP    hbmter DLL        c:\winnt\system32\hbmter.dll

+ UDP_CHAIN    hbmter DLL        c:\winnt\system32\hbmter.dll
gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:31 | 显示全部 短消息 资料
字号: 4楼



gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:32 | 显示全部 短消息 资料
字号: 5楼

来了日记
HijackThis_zww汉化版扫描日志 V1.99.1
保存于      12:20:16, 日期 2001-1-1
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 SP1 (6.00.2800.1106)

当前运行的进程:         
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\UAService7.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Rising\Rav\RavTask.exe
C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe
C:\Program Files\Rising\Rav\RavMon.exe
C:\Program Files\Rising\Rav\Rav.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Thunder Network\Thunder\Thunder.exe
C:\WINNT\system32\conime.exe
C:\Documents and Settings\Administrator\桌面\Autoruns\autoruns.exe
C:\WINNT\system32\NOTEPAD.EXE
D:\HijackThis1991zww.exe
gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:33 | 显示全部 短消息 资料
字号: 6楼

R3 - URLSearchHook: 虎翼DIY吧! - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4} - C:\WINNT\system32\diybar2\diybar2.dll
O2 - BHO: (no name) - {0005A87D-D626-4B3A-84F9-1D9571695F55}? - (no file)
O2 - BHO: (no name) - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03}? - (no file)
O2 - BHO: yPhtb - {33BBE430-0E42-4f12-B075-8D21ACB10DCB} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yphtb.dll
O2 - BHO: Anti Fish - {38928D50-8A48-44C2-945F-D2F23F771410} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yangling.dll
O2 - BHO: Link Filter - {4022F902-ABC7-4C79-924F-BB26F1D355A2}? - (no file)
O2 - BHO: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O2 - BHO: YDragSearch - {62EED7C6-9F02-42f9-B634-98E2899E147B} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\YDRAGS~1.DLL
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O2 - BHO: MMSAssist - {6671A431-5C3D-463d-A7CF-5587F9B7E191}? - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B}? - (no file)
O2 - BHO: HBObject Class - {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} - C:\PROGRA~1\HBClient\tbhelper.dll
O2 - BHO: DownloadBHO T2BHO - {B1D147E7-873E-4909-8127-695D9BB78728}? - (no file)
O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932}? - (no file)
O2 - BHO: (no name) - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D}? - (no file)
O3 - IE工具栏增项: 卡卡安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\Program Files\Rising\KaKaToolBar\kakatool.dll
O3 - IE工具栏增项: (no name) - {56A7DC70-E102-4408-A34A-AE06FEF01586}? - (no file)
O3 - IE工具栏增项: (no name) - {0A00D11E-B1E7-44b5-AD88-C9190876AAC4}? - (no file)
O3 - IE工具栏增项: (no name) - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C}? - (no file)
O3 - IE工具栏增项: (no name) - {D74EC18E-3DDD-4174-B1B1-949FE3B8366D}? - (no file)
O3 - IE工具栏增项: 捜狗直通车 - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - C:\P4P\Toolbar.dll
O3 - IE工具栏增项: 雅虎助手 - {406F94F0-504F-4a40-8DFD-58B0666ABEBD} - C:\PROGRA~1\Yahoo!\ASSIST~1\assist\yasbar.dll
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - 启动项HKLM\\Run: [NMGameX_AutoRun] C:\WINNT\system32\Rundll32.exe NMGameX.dll,LiveProcess /aa
O4 - 启动项HKLM\\Run: [RavTask] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [YLive.exe] C:\PROGRA~1\Yahoo!\ASSIST~1\YLive.exe
O4 - 启动项HKLM\\Run: [StormCodec_Helper] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 启动项HKLM\\Run: [RichMedia] C:\WINNT\system32\Rundll32.exe  "C:\PROGRA~1\HBClient\tbhelper.dll",WaitWindows
O4 - 启动项HKLM\\Run: [yassistse] "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"
O4 - 启动项HKLM\\Run: [Super Rabbit SRRestore] H:\Super Rabbit\MagicSet\srrestore.exe /autosave
O4 - HKCU\..\Run: [BitComet] "H:\BT\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2005\KAVPFW.EXE"
O4 - Startup: 连接设备 Realtek RTL8139(A) PCI Fast Ethernet Adapter #2.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - IE右键菜单中的新增项目:  >> 彩信发送 << - res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\geturl.htm
O8 - IE右键菜单中的新增项目: &使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\getallurl.htm
O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - C:\Program Files\Xi\NetTransport 2\NTAddLink.html
O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - C:\Program Files\Xi\NetTransport 2\NTAddList.html
O8 - IE右键菜单中的新增项目: 使用搜狗直通车下载 - C:\P4P\dl.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载 - H:\FlashGet\jc_link.htm
O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - H:\FlashGet\jc_all.htm
O8 - IE右键菜单中的新增项目: 发送图片到手机 - C:\P4P\cx.htm
O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - E:\qq\AddPanel.htm
O8 - IE右键菜单中的新增项目: 添加到QQ表情 - E:\qq\AddEmotion.htm
O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - E:\qq\SendMMS.htm
O8 - IE右键菜单中的新增项目: 雅虎搜索 - res://C:\PROGRA~1\Yahoo!\Assistant\Assist\yasbar.dll/246
O9 - 浏览器额外的按钮: 免费精彩视频超流畅在线观看 - {022C4009-5283-4365-97BF-144054B40E2E}? - http://itv.mop.com (file missing)
O9 - 浏览器额外的“工具”菜单项: 播霸电视 - {022C4009-5283-4365-97BF-144054B40E2E}? - http://itv.mop.com (file missing)
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A} - C:\Program Files\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: 浩方对战平台 - {0A155D3C-68E2-4215-A47A-E800A446447A}? - C:\Program Files\浩方对战平台\GameClient.exe
O9 - 浏览器额外的按钮: (no name) - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C}? - C:\WINNT\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: Link Filter - {3F686D91-4AFA-4ed1-B43F-F1DB46ED480C}? - C:\WINNT\system32\shdocvw.dll
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的按钮: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的“工具”菜单项: MMSAssist工具条设置 - {6671A433-5C3D-463d-A7CF-5587F9B7E191}? - C:\PROGRA~1\MMSASS~1\Mmsass~1.dll
O9 - 浏览器额外的按钮: 珊瑚虫 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F}? - C:\Program Files\Infofo Bar\infofobar.dll
O9 - 浏览器额外的“工具”菜单项: 珊瑚虫 工具栏 - {8507326C-B5C1-4559-BB91-0919E753836F}? - C:\Program Files\Infofo Bar\infofobar.dll
O9 - 浏览器额外的按钮: SoQ - {8F67DCF3-B1DF-4A39-A787-3775784BF737}? - http://www.soq.com (file missing)
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: 易趣购物 - {DE607143-AC19-423e-869A-9D70ABDF119A}? - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {DE607143-AC19-423e-869A-9D70ABDF119A}? - http://click2.ad4all.net/url2/urlmanage/url.asp?id=5 (file missing)
O9 - 浏览器额外的按钮: 访问瑞星网站 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E444}? - http://www.rising.com.cn (file missing)
O9 - 浏览器额外的按钮: 访问卡卡社区 - {FF2DE7A6-ECB1-4CBC-9C0E-D92A9E66E445}? - http://www.ikaka.com (file missing)
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\hbmter.dll
O10 - 未知的文件在 Winsock LSP: c:\winnt\system32\hbmter.dll
gototop
 
SLyuCdian
头像
初生襁褓狮
  • 帖子:7
  • 注册: 2006-01-24
  • 来自:
发表于: 2006-01-24 20:33 | 显示全部 短消息 资料
字号: 7楼

O11 - Options group: [!CNS]  上网助手-地址栏搜索
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://xxxtrayicon.com/xtrayinst.exe
O16 - DPF: {037B3D58-D14A-4C41-BDFD-BD779B0B97BA} - http://www.thepaymentcentre.com/build/vxiewer.cab
O16 - DPF: {047C50E8-A451-4ECC-9920-8E5C0F8956E9} (seedupdate Class) - http://ad.tom.com/seedupdateatl.cab
O16 - DPF: {16BFA456-1B0A-4602-8871-FAF3BCB9F088} (LMViewer Control) - http://219.159.68.135/eod/ActiveX/LMViewer.CAB
O16 - DPF: {28E0FA88-ABA8-4937-A247-3031F1A11165} (Installer Class) - http://pi.51.net/download/diybar2.cab
O16 - DPF: {3717DF57-0396-463D-98B7-647C7DC6898A} - http://delivery.inet-traffic.com/inetdl.exe
O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab
O16 - DPF: {3E1AC0FE-40E9-42BC-8C23-FDA0ED7A1482} (totoinstall Control) - http://a.5ku.com/client/activex/totoinstall_ch.cab
O16 - DPF: {562E9E9A-D020-4CDB-8F58-B4A4E896EFEF} (LMDownload Control) - http://219.159.68.135/eod/ActiveX/LMDownload.CAB
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/054d370b5dc9a573be03/netzip/RdxIE601_cn.cab
O16 - DPF: {56A7DC70-E102-4408-A34A-AE06FEF01586} (天下搜索) - http://iebar.t2t2.com/iebar.cab
O16 - DPF: {58CDB34C-B4D7-418B-A0FB-C4C8A01C2F0E} (DIYBAR) - http://pi.51.net/download/diybar2.cab
O16 - DPF: {5DD731E6-D4F0-11D3-BE3F-00105A6FDA50} (V3ProX Control) - http://origin-www.ahn.com.cn/aspservice/plugin/myv3.cab
O16 - DPF: {8135EF31-FE8C-4C6E-A18A-F59944C3A488} (Spocx Class) - http://ddddl.dudu.com/ddd/channel/spockx-channel.cab
O16 - DPF: {9242BB35-0DB0-43AC-8DFC-8EA07E63B92A} (LiveMediaOcx Control) - http://219.133.60.95:1080/qqtv/QQLive1.0Beta02.exe
O16 - DPF: {98A62E3F-A8C5-4EF0-8A00-C70CF9D18A89} (LoaderCore Class) - http://tb.sogou.com/DLLoader.cab
O16 - DPF: {9BBD100C-E820-4930-9937-E8F3AA40E584} (DFVSScanFile Control) - http://antivirus3.sunv.com/dfvsolDown/dfvsol.cab
O16 - DPF: {A96C48EA-AA88-4BBD-B58C-7B41146A6EAC} (Qzone Media Tools) - http://imgcache.qq.com/qzone/photo/QzoneMediaTools.cab
O16 - DPF: {ABA7CC7F-019D-47DB-A0D2-B3C2B3AC1B44} (Fc2Boot Class) - http://space.fenteng.net/gameser/system/fc2boot.cab
O16 - DPF: {C8BD9ACB-F7EC-48E6-BB2F-DAADC6789E9A} (Kingsoft DUBA OnlineScan) - http://211.152.52.102/duba/antiscan/update/OCX/KAVClean.CAB
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://joyon03.lgcdn.com/joyon/nprotect/nProtect/npx.cab
O16 - DPF: {E2F2B9D0-96B9-4B25-B90C-636ECB207D18} - http://www.whenusearch.com/WUInstSEWC.cab
O16 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (Rising Web Scan Object) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2006new/OL2006.cab
O16 - DPF: {EF248BC9-F17D-4024-8868-71A5D22C667C} (Hbact.HbactObject) - http://download.henbang.net/download/updatelist/hap111.cab
O16 - DPF: {FEE1002D-90A5-4A5D-AABE-01803FFBCF7A} (pCastPanel Class) - http://ps.itv.mop.com/dn/files/pCastCtl_1.0.0.76_20051110.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A6C7397-F000-4A60-B68A-168D8100EE2F}: NameServer = 202.103.224.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{12F46497-E8DC-4430-8C0C-130BAD605105}: NameServer = 202.103.224.68
O17 - HKLM\System\CCS\Services\Tcpip\..\{334A672E-4E77-4B0F-935E-8123AA4AD98E}: NameServer = 202.103.224.68 202.103.225.68
O18 - 列举现有的协议: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: cdl - {3DD53D40-7B8B-11D0-B013-00AA0059CE02} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: file - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ftp - {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: gopher - {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: http - {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: https - {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINNT\wc98pp.dll
O18 - 列举现有的协议: ipp - (no CLSID) - (no file)
O18 - 列举现有的协议: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\system32\itss.dll
O18 - 列举现有的协议: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: local - {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: mailto - {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: mbox - {7DEE9D05-FA0A-4416-A6F3-6537D0EAB6A6} - C:\WINNT\system32\mbprot.dll
O18 - 列举现有的协议: mhtml - {05300401-BCBC-11D0-85E3-00C04FD85AB4} - C:\WINNT\system32\inetcomm.dll
O18 - 列举现有的协议: mk - {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} - C:\WINNT\system32\urlmon.dll
O18 - 列举现有的协议: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINNT\system32\itss.dll
O18 - 列举现有的协议: msdaipp - (no CLSID) - (no file)
O18 - 列举现有的协议: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll
O18 - 列举现有的协议: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\WINNT\system32\msdxm.ocx
O20 - AppInit_DLLs: C:\WINNT\system32\SoDAHK.DLL
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - NT 服务: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: Switch Off - Unknown owner - `?\swoff.exe (file missing)
O23 - NT 服务: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINNT\system32\UAService7.exe
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT